{"id":7664,"date":"2025-05-21T13:41:43","date_gmt":"2025-05-21T18:41:43","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=84629"},"modified":"2025-05-21T13:41:43","modified_gmt":"2025-05-21T18:41:43","slug":"multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/05\/21\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms\/","title":{"rendered":"Multi-national warning issued over Russia\u2019s targeting of logistics, tech firms"},"content":{"rendered":" Multi-national warning issued over Russia\u2019s targeting of logistics, tech firms | CyberScoop<\/title> <meta name=\"description\" content=\"APT28, a Russian state-linked hacking group, is targeting Western logistics and tech firms supporting Ukraine.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/russian-apt28-cyberattacks-target-western-logistics-ukraine\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Multi-national warning issued over Russia\u2019s targeting of logistics, tech firms\"> <meta property=\"og:description\" content=\"APT28, a Russian state-linked hacking group, is targeting Western logistics and tech firms supporting Ukraine.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/russian-apt28-cyberattacks-target-western-logistics-ukraine\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-05-21T18:41:43+00:00\"> <meta property=\"article:modified_time\" content=\"2025-05-21T18:41:46+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Greg Otto\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@gregotto\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\"> <!-- \/ Yoast SEO Premium plugin. --> <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1746040294g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1747327192g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1747161863g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/84629\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.8.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=84629\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Frussian-apt28-cyberattacks-target-western-logistics-ukraine%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Frussian-apt28-cyberattacks-target-western-logistics-ukraine%2F&format=xml\"> <!-- Google Tag Manager --> <!-- End Google Tag Manager --> <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-84629 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/russian-apt28-cyberattacks-target-western-logistics-ukraine\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"4.9180327868852\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Voting is open for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"26.169230769231\">\n<div class=\"single-article__header-content\" readability=\"35.478149100257\">\n<p> The campaign traces back at least to early 2022, coinciding with the start of Russia\u2019s full-scale invasion of Ukraine. <\/p>\n<p> <!-- Listen to this article section --> <!-- Audio Element --><br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/84629\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p> <!-- Countdown Timer --> <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p> <!-- Tooltip --> <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p> <!-- End of audio player --> <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> The Russian flag flies at the embassy’s compound in Washington, DC, on April 15, 2021. (Photo by MANDEL NGAN\/AFP via Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"53.535299374441\"><body readability=\"108.13559322034\"><\/p>\n<p>A joint advisory from intelligence and cybersecurity agencies in the United States, United Kingdom, Canada, Australia and multiple European countries has detailed an ongoing Russian state-sponsored campaign targeting Western logistics organizations and technology companies, especially those supporting aid to Ukraine. The campaign, orchestrated by the group known as APT28 or Fancy Bear, has relied heavily on established techniques to breach organizations and extract sensitive data.<\/p>\n<p>The campaign traces back at least to early 2022, coinciding with the start of Russia\u2019s full-scale invasion of Ukraine. The group, which is tied to Russia\u2019s Main Intelligence Directorate (GRU), has focused on logistics organizations and IT firms involved in coordinating, transporting, and delivering foreign assistance to Ukraine. <\/p>\n<p>Entities across nearly all modes of transportation \u2014 including air, rail, and sea \u2014 as well as government, defense, and IT service sectors have been singled out. Targets are widespread, spanning the United States, Ukraine, several NATO member states, and bordering countries such as Bulgaria, France, Germany, Poland, Romania, and Slovakia.<\/p>\n<p>Those running the campaign have deployed a mixture of previously observed tactics, techniques, and procedures. These have included:<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<ul class=\"wp-block-list\">\n<li>Credential guessing and brute-force attacks supported by anonymization networks such as Tor and commercial VPNs.<\/li>\n<li>Spearphishing attempts aimed at harvesting credentials or delivering malware, with lures typically dressed as official or professional documents and customized to recipients\u2019 languages.<\/li>\n<li>Exploitation of known software vulnerabilities, including the Outlook NTLM flaw (CVE-2023-23397), multiple Roundcube webmail vulnerabilities, and a widely publicized WinRAR bug (CVE-2023-38831).<\/li>\n<li>\u202fAbuse and compromise of internet-facing infrastructure, such as corporate VPNs and small office\/home office (SOHO) devices, to mask malicious activity and proximate operations closer to intended victims.<\/li>\n<li>Efforts aimed at industrial control system manufacturers, particularly in railway management, though the extent of success in these cases remains unconfirmed.<\/li>\n<\/ul>\n<p>Once inside a network, actors conduct reconnaissance to identify further targets and sensitive personnel, leveraging tools like <a href=\"https:\/\/www.kali.org\/tools\/impacket\/\">Impacket<\/a> and <a href=\"https:\/\/www.cisa.gov\/resources-tools\/services\/microsoft-psexec\">PsExec<\/a> for lateral movement. They have been observed deploying malware variants \u2014 most notably <a href=\"https:\/\/www.broadcom.com\/support\/security-center\/protection-bulletin\/headlace-backdoor-distributed-by-the-swallowtail-apt\">HeadLace<\/a> and <a href=\"https:\/\/www.broadcom.com\/support\/security-center\/protection-bulletin\/apt28-group-targets-ukraine-with-new-masepie-malware\">Masepie<\/a> \u2014 and using techniques such as scheduled tasks, registry modifications, and malicious shortcuts to stay inside a network.<\/p>\n<p>The campaign incorporates multi-stage phishing infrastructure, with redirectors screening connection attempts by location or browser details, adding another layer of security that makes their campaigns harder to detect. <\/p>\n<p>Beyond traditional IT environments, the campaign has expanded to include widespread targeting of IP cameras, especially those at border crossings and transport hubs. Using both default and brute-forced credentials, the group has obtained access to the video feeds and metadata of thousands of cameras, the majority located in Ukraine and neighboring states. The intent appears to be to physically track aid deliveries and transport activity.<\/p>\n<p>The campaign showcases the group\u2019s continued reliance on public vulnerabilities and \u201cliving-off-the-land\u201d (LOTL) approaches. The advisory notes that tools and utilities commonly used for system administration, such as <a href=\"https:\/\/learn.microsoft.com\/en-us\/previous-versions\/windows\/it-pro\/windows-server-2012-r2-and-2012\/cc753343(v=ws.11)\">ntdsutil<\/a>, <a href=\"https:\/\/learn.microsoft.com\/en-us\/windows-server\/administration\/windows-commands\/wevtutil\">wevtutil<\/a>, and <a href=\"https:\/\/learn.microsoft.com\/en-us\/powershell\/\">PowerShell<\/a>, are regularly repurposed by attackers. As a result, organizations are cautioned to develop nuanced detection strategies to avoid false positives.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The advisory, issued by 25 intelligence, military, and cybersecurity agencies, reflects an unprecedented level of international collaboration and information sharing on Russian state cyber operations. While the technical means and targets have become more complex and widespread, the campaign\u2019s objectives remain overtly aligned with Russia\u2019s military and strategic interests concerning Ukraine and the wider region.<\/p>\n<p>Private companies have also been observing Russian actions taken in relation to its war with Ukraine. The GRU has also been targeting email accounts of top Ukrainian officials and executives at foreign defense contractors supplying weapons to Ukraine, <a href=\"https:\/\/cyberscoop.com\/russia-fancy-bear-gru-ukrainian-military-contractors\/\">according to ESET research<\/a>. Since at least 2023, the group has used spearphishing and exploited cross-site scripting vulnerabilities in webmail platforms like Roundcube, Horde, MDaemon, and Zimbra.<\/p>\n<p>\u201cRussian military intelligence has an obvious need to track the flow of material into Ukraine, and anyone involved in that process should consider themselves targeted,\u201d said John Hultquist, chief analyst, Google Threat Intelligence Group. \u201cBeyond the interest in identifying support to the battlefield, there is an interest in disrupting that support through either physical or cyber means. These incidents could be precursors to other serious actions.\u201d<\/p>\n<p>You can read the full advisory <a href=\"https:\/\/media.defense.gov\/2025\/May\/21\/2003719846\/-1\/-1\/0\/CSA_RUSSIAN_GRU_TARGET_LOGISTICS.PDF\">here<\/a>. <\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"4.0025906735751\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/multi-national-warning-issued-over-russias-targeting-of-logistics-tech-firms-1.jpg?w=640&ssl=1\" alt=\"Greg Otto\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Greg Otto<\/h4>\n<p> Greg Otto is Editor-in-Chief of CyberScoop, overseeing all editorial content for the website. Greg has led cybersecurity coverage that has won various awards, including accolades from the Society of Professional Journalists and the American Society of Business Publication Editors. Prior to joining Scoop News Group, Greg worked for the Washington Business Journal, U.S. News & World Report and WTOP Radio. He has a degree in broadcast journalism from Temple University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p> <!-- .popular-stories__stories --> <\/div>\n<p><!-- .popular-stories__inner -->\n<\/div>\n<p><!-- .popular-stories --> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p> <!-- Start of HubSpot Embed Code --> <!-- End of HubSpot Embed Code --> <\/body> <a href=\"https:\/\/cyberscoop.com\/russian-apt28-cyberattacks-target-western-logistics-ukraine\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Multi-national warning issued over Russia\u2019s targeting of logistics, tech firms<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1504,78,1009,1505,117,466,661,60,4321,4322,270,288,2917,354],"tags":[1507,86,1012,1508,119,470,662,67,4323,4324,276,294,2920,358],"class_list":["post-7664","post","type-post","status-publish","format-standard","hentry","category-apt-28","category-cybersecurity","category-eset","category-fancy-bear","category-government","category-gru","category-nato","category-phishing","category-powershell","category-psexec","category-russia","category-threats","category-transportation","category-ukraine","tag-apt-28","tag-cybersecurity","tag-eset","tag-fancy-bear","tag-government","tag-gru","tag-nato","tag-phishing","tag-powershell","tag-psexec","tag-russia","tag-threats","tag-transportation","tag-ukraine"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/apt-28\/\" rel=\"category tag\">apt 28<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/eset\/\" rel=\"category tag\">ESET<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/fancy-bear\/\" rel=\"category tag\">Fancy Bear<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/gru\/\" rel=\"category tag\">GRU<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/nato\/\" rel=\"category tag\">NATO<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/phishing\/\" rel=\"category tag\">phishing<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/powershell\/\" rel=\"category tag\">powershell<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/psexec\/\" rel=\"category tag\">PsExec<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/russia\/\" rel=\"category tag\">Russia<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/transportation\/\" rel=\"category tag\">transportation<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ukraine\/\" rel=\"category tag\">Ukraine<\/a>","tag_info":"Ukraine","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7664","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7664"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7664\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7664"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7664"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7664"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}